Old 02-09-2012   #11
iPwnz
Member
 
don't know how the signing works, or whether changing the package ruins the signing, but what comes to my mind is slipping something into an original .pkg file (exploits etc.) and running it from inside the installable application, because the file is signed and may have more rights to get cfw/jailbreak?
Old 02-09-2012   #12
bigfishbad
Member
 
Originally Posted by TizzyT:
The official pkgs are signed properly with a signature. The old way of signing things would just place, in a sense, a dummy signature, as 3.55 and under do not check the signatures properly or at all. This is more accurately explained on KakaRoTo's blog.

SOURCE, at the very end:

"So to summarize, a “signed file” is a file which is digitally signed with an “ECDSA signature” that cannot be forged, unless you have the “private key” for it, which is impossible to obtain usually, but we were able to obtain it because Sony failed in implementing it properly"

so we can obtain it somehow as well? this might be possible after all BUT it's way over my head now lol

[ - Post Merged - ]

Originally Posted by iPwnz:
don't know how the signing works, or whether changing the package ruins the signing, but what comes to my mind is slipping something into an original .pkg file (exploits etc.) and running it from inside the installable application, because the file is signed and may have more rights to get cfw/jailbreak?

if anybody has any pkgs and wants me to try, just write in this thread with the download for the pkg
Old 02-09-2012   #13
TizzyT
Homebrew Developer
 
Originally Posted by bigfishbad:
at the very end

"So to summarize, a “signed file” is a file which is digitally signed with an “ECDSA signature” that cannot be forged, unless you have the “private key” for it, which is impossible to obtain usually, but we were able to obtain it because Sony failed in implementing it properly"

so we can obtain it somehow as well? this might be possible after all BUT it's way over my head now lol

[ - Post Merged - ]

if anybody has any pkgs and wants me to try, just write in this thread with the download for the pkg

That's about it. F0F was able to get the signature or private key (I forget which) because they had a math genius on their team and they also had all the parts required for the ECDSA formula(s).
__________________
If you are going to promote TB at least do it right!!!, or better yet DON'T!!!

Last edited by TizzyT; 02-09-2012 at 08:12 AM.
Old 02-09-2012   #14
bigfishbad
Member
 
Originally Posted by TizzyT:
That's about it. F0F was able to get the signature because they had a math genius on their team and they also had all the parts required for the ECDSA formula(s).

I was just reading up on it here

http://kakaroto.homelinux.net/2012/0...gorithm-works/
&
http://en.wikipedia.org/wiki/ECDSA?banner=no

we have no chance; you see some of that ****
much respect to any dev who understands how that works
Old 02-09-2012   #15
TizzyT
Homebrew Developer
 
Originally Posted by bigfishbad:
I was just reading up on it here

http://kakaroto.homelinux.net/2012/0...gorithm-works/
&
http://en.wikipedia.org/wiki/ECDSA?banner=no

we have no chance; you see some of that ****
much respect to any dev who understands how that works

LOL don't worry, the devs who are working on it already get it, most likely. I'm sure kakaroto has at least an OK understanding of it; I know F0F knows it.
Old 02-09-2012   #16
bigfishbad
Member
 
Now, back on topic.. so what is this missing “npdrm hash algorithm” that we need? Well, it turns out that the “npdrm self” has a second signature, so it’s an “encrypted and signed self file” with an additional layer of security (the NPDRM layer) which re-encrypts it and re-signs it again. That second signature was not verified in 3.55 and has been verified since the 3.60 version of the PS3 firmware.

One important thing to note is that Sony did NOT make the same mistake with this signature: they always used a random number, so it is technically impossible to figure out the private key for it. To be more exact, this is the exact same case as the .pkg packages you install on the PS3: you need to patch the firmware (making it CFW) so that those .pkg files can be installed, and that’s because the .pkg files are signed with an ECDSA signature for which no one was able to get the private key. That’s why we call them “pseudo-retail packages” or “unsigned packages”.

The signature on the NPDRM self file uses the exact same ECDSA curve and the same key as the one used in PS3 .pkg files, so no one has (or could have) the private key for it. What this means is that, even though we finally figured out the missing piece and we now know how the NPDRM self is built, we simply cannot duplicate it.

The reason we wasted 2 months on this is that Mathieulh lied by saying that he could do it.. remember when 4.0 was out and I said “I can confirm that my method still works”, and then he also confirmed that his “npdrm hash algorithm” still works too? Well, he didn’t do anything to confirm it; he just lied about it, because there is no way he could have verified it, as he doesn’t have the private key.

http://kakaroto.homelinux.net/2012/0...e-ps3-4-0-hen/

[ - Post Merged - ]

so we can't install unsigned PKGs on a CEX machine (think outside the box, people)!!!!

so what if we modified lv2_kernel.self with this http://www.ps3hax.net/2012/02/releas...es-by-dexl0ve/

to turn our 3.55 PS3s into DEX machines? would the pkg then install? better question: would the modified lv2_kernel.self stay modified if you then updated or did a data transfer

Last edited by bigfishbad; 02-09-2012 at 11:10 AM.
Old 02-15-2012   #17
abdelkarim
Member
 
Hi homie.
I sent you an email but you didn't respond.
Are you still working on your exploit, or did you give up?
Peace.
Old 02-15-2012   #18
munky875821417
Member
 
Originally Posted by bigfishbad:
http://kakaroto.homelinux.net/2012/0...e-ps3-4-0-hen/

[ - Post Merged - ]

so we can't install unsigned PKGs on a CEX machine (think outside the box, people)!!!!

so what if we modified lv2_kernel.self with this http://www.ps3hax.net/2012/02/releas...es-by-dexl0ve/

to turn our 3.55 PS3s into DEX machines? would the pkg then install? better question: would the modified lv2_kernel.self stay modified if you then updated or did a data transfer
I was wondering the same thing too about the updating
Old 02-28-2012   #19
abdelkarim
Member
 
Hi, did you give up your project, or will you release the method? Peace

PS: TizzyT, it seems that you know the method too?
Old 02-28-2012   #20
TizzyT
Homebrew Developer
 
Originally Posted by abdelkarim:
Hi, did you give up your project, or will you release the method? Peace

PS: TizzyT, it seems that you know the method too?
LOL in a sense I only know what I think I know.
PS3Hax.net is Copyright © 2010-2013.